Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Explorer' = '%APPDATA%\explorer.exe'
- System Restore (SR)
- %APPDATA%\explorer.exe
- %APPDATA%\windows explorer\psgbtquifooz 10-12-20.txt
- 'to##ive.eu':21
- 'to##ive.eu':21
- DNS ASK co####lackops.info
- DNS ASK to##ive.eu